MBAM Offline Activator [v2] by MaRk15.exe

MBAM Offline Activator [v2] by MaRk15

Product:
MBAM Offline Activator [v2] by MaRk15

Version:
2.0.0.0

MD5:
91b4e07370e7cabd18da95d4199a0ffc

SHA-1:
e126bf6ec3521908ab55ff61c76bf5eb3311182d

SHA-256:
b49cce61932f56e86abfa84aab9fd1cff3836465a1e5c22977613099b45f6652

Scanner detections:
5 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 3:00:30 PM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.Crypt.Xpack!c
2.1.4+

Avira AntiVirus
TR/Crypt.XPACK.Gen7
8.3.3.4

IKARUS anti.virus
Trojan.Crypt
t3scan.2.0.9.0

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1120

Rising Antivirus
PE:Malware.Generic/QRS!1.9E2D [F]
23.00.65.16412

File size:
384 KB (393,216 bytes)

Product version:
2.0.0.0

Copyright:
Copyright © 2016 | MaRk15

Original file name:
MBAM Offline Activator [v2] by MaRk15.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\mbam offline activator [v2] by mark15.exe

File PE Metadata
Compilation timestamp:
4/4/2016 9:43:57 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:xIuwbhhm73uop05j45oL8K4kEsMEpmCuKC5rGp6hLPyhPQl3eyEc5:h2uruop05jH9mRh5rJtyql3xEe

Entry address:
0x4360E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6321

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
262 KB (268,288 bytes)

The file MBAM Offline Activator [v2] by MaRk15.exe has been seen being distributed by the following 8 URLs.

https://openload.co/.../sQslJ0eULZg~1482429014~112.203.0.0~uiBZ9cWZ

https://openload.co/.../sQslJ0eULZg~1482035955~122.53.0.0~n8PEs1Oh

https://openload.co/.../sQslJ0eULZg~1474458246~49.149.0.0~ZST5hgG-

https://openload.co/.../sQslJ0eULZg~1474193368~112.198.0.0~wZGwAyBX

https://oqbkhx.oloadcdn.net/dl/l/y5gLyOD-UHw/.../MBAM Offline Activator [v2] by MaRk15.exe

https://openload.co/.../sQslJ0eULZg~1475759534~124.104.0.0~99vHxUly

https://openload.co/.../sQslJ0eULZg~1476229774~130.105.0.0~y-bZvW6W

Scan MBAM Offline Activator [v2] by MaRk15.exe - Powered by Reason Core Security